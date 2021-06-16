Imagine having your cell phone usage monitored all the time, with the right to typed information, calls made, messages exchanged and even the right to someone watching everything you are doing live. It’s the reality of stalkersware, spy apps whose use grew by 48% in 2020, becoming a constant threat mainly for users of the Android operating system. The perspective is that the numbers will continue to increase in 2021.

This is an issue that goes beyond just the privacy of smartphone data, also bumping into issues related to family or worker abuse. Apps often emerge disguised as parental control software, when developers actually try to make the solutions look more legitimate; in most cases, especially when it comes to advertisements and official sites available in a simple way, a search away, there is no intention to hide that the idea is, even, to hurt privacy and monitor third parties without them noticing.

An analysis carried out by the specialized security company ESET also showed that, in addition to the great problem that this type of use represents, the use of spy apps alone can also open the door to malicious exploits by third parties unknown to the victim and himself. stalker. This is due to the use of completely unsafe information management, storage and even remote control policies, with scams, too, taking advantage of the high popularity of this type of solution.

They are, effectively, on the rise. The 48% increase registered in 2020 further expands a number of applications that quintupled in 2019 compared to the previous year. According to the survey carried out by experts, today, there are 86 application developers focused on smartphone spying, 71% of them on the Android operating system. “The difference in market share [em relação ao iOS] is a factor, but the ease of installing a stalkerware [na plataforma do Google] puts users at greater risk,” explains Lukas Stefanko, malware researcher at ESET.

He points out, for example, the fact that the 21% share of stalkerware available for the iPhone require the device to have gone through the jailbreak process, increasingly hampered by Apple and generally less present. According to the expert, it is noteworthy the fact that most security apps available on the market are able to detect such spy apps, but their use continues to become more and more popular, mainly because of the compromises that come at the hands of people in whom the victim usually trusts.

Most applications in this category require the individual interested in spying to have physical access to the devices in order to install the stalkerware and deliver all the necessary permissions for them to work. According to Stefanko, there are so many requests, even when compared to the most invasive or demanding social media apps, that a remote installation ends up being uninteresting.

45% of the solutions reviewed are available in temporary trial versions, with payment later, while only 17% are completely free. In 13% of cases, additional features can be released with subscriptions or full amounts, while 25% can only be used by paying users. Payments usually take place through the operating systems’ own app stores, which means that their administrators also receive part of what is given to the developers.

After being authorized, the stalkersware they can hide as system icons or try to pose as legitimate solutions, avoiding visual detection even when opened. Camera captures, microphone recordings or calls, typed information, conversations and photos received are sent to servers in the cloud, accessible by those interested in spying, so that monitoring can take place directly and constantly.

In even more worrying cases, detected by ESET’s analysis, some of the verified solutions also allowed remote control via SMS. A message was enough to, for example, receive the GPS coordinates or even initiate a call or video call, which would allow him to hear or see everything that is happening in the victim’s surroundings without the victim herself noticing that she was being spied on. Such records, too, are stored in the cloud for later viewing. And it is precisely in this sharing that the second problem encountered by specialists resides.

all mastered

In the survey conducted by the security company, 67% of spy apps had serious security issues. Through them, victims were exposed not only to their spouses, partners, bosses or other individuals responsible for the installation, but also to third parties who could have access to personal data, intimate information and images, credentials and other compromising entries or those that enable the carrying out scams and frauds.

In the cloud, for example, researchers were able to find 182,000 photos, 130,000 call recordings, 3,700 emails and more than 1.3 million pieces of information capable of identifying victims individually. All data was open, without any authentication or security policy, and available to anyone who had access to the server via the internet.

Stefanko draws attention, for example, to spy apps that record what is typed. Among personal messages, surveys and websites accessed, credentials for accessing social networks and other services, bank details and other sensitive information are also present. The same goes for contact lists, copies of appointment books and location data that could also be found among the publicly available volume from the analyzed apps.

The expert also points out that, just as a partner could use a text message to spy on his girlfriend, the same could also be done by a malicious third party who has access to the victim’s number and commands from the stalkerware used. Again, he indicates, the doors are opened for an even greater breach in the privacy of those affected, in addition to the original commitment per se.

The absence of good security practices is also recorded in data manipulation, with ESET experts discovering collected data available in the app vendor’s clouds even after the original accounts have been collected. Furthermore, in 78% of the vulnerabilities indications made by the researchers, there was no attitude towards the problems, while only 10% closed the holes or corrected common mistakes such as the lack of protection of the data available on their servers. The remaining 12% even responded to contacts, but changes were not detected within 90 days.

For this exact reason, the specialized company chose not to disclose a list of apps analyzed. Stefanko also indicated that all solutions are part of common indicators of compromise among digital security software, with protection applications available on the market being able to detect the presence of stalkerware in the system, preventing its functioning and performing the uninstallation.

Therefore, the use of protection solutions becomes essential. In addition, the expert recommends that users do not leave their cell phones unattended or share unlock passwords with anyone, so that applications cannot be installed without their knowledge and through physical access.